0

I'm running an Ubuntu 16.04 LTS box and trying to get a second NIC up on it. Here is the /etc/network/interfaces config:

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

#nic1
auto et6543
iface et6543 inet static
address 10.16.15.100
netmask 255.255.255.0
gateway 10.16.15.1
dns-nameservers 10.16.15.141
dns-domain example.ext

#nic2
auto et1234
iface et1234 inet static
address 10.16.16.100
netmask 255.255.255.0
gateway 10.16.16.1
dns-nameservers 10.16.15.141
dns-domain example.ext

When I add the second nic information, I get failures when I try to restart the networking service... The ifconfig shows the correct network information, but is unreachable on the network from the switch just above the server. I have a feeling the errors are contributing to this.

Errors are:

error resolving pool ntp.ubuntu.com: Temporary failure in name resolution (-3) admin : unable to resolve host webserver1 admin : problem with defaults entries ; TTY=pts/1 ; PWD=/ ;

Journeyman Geek
  • 6,969
  • 3
  • 31
  • 49
kellyredbook
  • 67
  • 9
  • Both interfaces have a default gateway, which isn't what I'd expect when adding a second NIC - is the intent to equal-cost route between these two different gateways? – Shane Madden Apr 22 '17 at 07:00
  • Internal and external IPs. The external routes to a DMZ and the internal is for accessing those resources locally. – kellyredbook Apr 22 '17 at 13:23

1 Answers1

1

I think you are trying to make this server accessible from both networks, but you only need to use one of them, the DMZ, when the server connects to the internet. Otherwise you wouldn't need to have it on the DMZ network at all as the internal network also has a connection to the internet (based on that it has a gateway - and the opposite would have been quite rare).

  • Remove the default gateway from the internal network interface (which I guess must be the nic2/et1234). You don't need route to 0.0.0.0 here as you want to use router 10.16.15.1 for connecting anything but your internal network 10.16.16.0/24.
  • Based on the error you probably don't have routing to the nameserver 10.16.15.141 on your 10.16.16.0/24 network. Remove it (or replace with a DNS server that works on this interface, if necessary). All recursive DNS queries can use the 10.16.15.1 from nic1.

Resulting configuration:

#nic1 - external DMZ
auto et6543
iface et6543 inet static
address 10.16.15.100
netmask 255.255.255.0
gateway 10.16.15.1
dns-nameservers 10.16.15.141
dns-domain example.ext

#nic2 - internal
auto et1234
iface et1234 inet static
address 10.16.16.100
netmask 255.255.255.0
Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
  • Thanks, I ended up just going with the one NIC since I don't fully understand all this, but I appreciate your response, gives me something to think about for next time. – kellyredbook Apr 24 '17 at 15:40